1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-23 00:50:48 +00:00

Merge branch 'develop' into develop

This commit is contained in:
justmurphy 2021-12-22 17:08:03 -05:00 committed by GitHub
commit 33ba68d913
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -132,7 +132,7 @@ This list was initially populated using information from the following sources:
| Atlassian | Jira Server & Data Center | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | | | Atlassian | Jira Server & Data Center | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | |
| Attivo networks | | | | | [Attivo Networks Advisory](https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf) | | | | | Attivo networks | | | | | [Attivo Networks Advisory](https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf) | | | |
| AudioCodes | | | | | [AudioCodes Link](https://services.audiocodes.com/app/answers/kbdetail/a_id/2225) | | | | | AudioCodes | | | | | [AudioCodes Link](https://services.audiocodes.com/app/answers/kbdetail/a_id/2225) | | | |
| Autodesk | | | | | [Autodesk Article Link](https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html) | | | | | Autodesk | | | Under Investigation | | [Autodesk Article Link](https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html) | Autodesk is continuing to perform a thorough investigation in relation to the recently discovered Apache Log4j security vulnerabilities. We continue to implement several mitigating factors for our products including patching, network firewall blocks, and updated detection signatures to reduce the threat of this vulnerability and enhance our ability to quickly respond to potential malicious activity. We have not identified any compromised systems in the Autodesk environment due to this vulnerability, at this time. This is an ongoing investigation and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview). | | 12/21/2021 |
| Automox | | | | | [Automox Blog Post](https://blog.automox.com/log4j-critical-vulnerability-scores-a-10) | | | | | Automox | | | | | [Automox Blog Post](https://blog.automox.com/log4j-critical-vulnerability-scores-a-10) | | | |
| Autopsy | | | | | [Autopsy Link](https://www.autopsy.com/autopsy-and-log4j-vulnerability/) | | | | | Autopsy | | | | | [Autopsy Link](https://www.autopsy.com/autopsy-and-log4j-vulnerability/) | | | |
| Auvik | | | | | [Auvik Status Link](https://status.auvik.com/incidents/58bfngkz69mj) | | | | | Auvik | | | | | [Auvik Status Link](https://status.auvik.com/incidents/58bfngkz69mj) | | | |
@ -2069,6 +2069,7 @@ download | | 12/20/2021 |
| PaperCut | PaperCut NG | 21.0 and later | Affected | Yes | [https://www.papercut.com/support/known-issues/?id=PO-684#ng](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve.| | 12/16/2021 | | PaperCut | PaperCut NG | 21.0 and later | Affected | Yes | [https://www.papercut.com/support/known-issues/?id=PO-684#ng](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve.| | 12/16/2021 |
| Parallels | | | | | [Parellels Link](https://kb.parallels.com/en/128696) | | | | | Parallels | | | | | [Parellels Link](https://kb.parallels.com/en/128696) | | | |
| Parse.ly | | | | | [Parse.ly Blog Post](https://blog.parse.ly/parse-ly-log4shell/) | | | | | Parse.ly | | | | | [Parse.ly Blog Post](https://blog.parse.ly/parse-ly-log4shell/) | | | |
| PBXMonitor | RMM for 3CX PBX | | Not Affected | | [PBXMonitor Changelog](https://www.pbxmonitor.net/changelog.php) | Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. | | 12/22/2021 |
| Pega | | | | | [Pega Docs Link](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | | | | | Pega | | | | | [Pega Docs Link](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | | | |
| Pentaho | | | | |[Pentaho Support Link](https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-) | | | | | Pentaho | | | | |[Pentaho Support Link](https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-) | | | |
| Pepperl+Fuchs | | | Under Investigation | | [Pepperl+Fuchs Advisory Link](https://www.pepperl-fuchs.com/global/en/29079.htm) | | | 12/21/2021 | | Pepperl+Fuchs | | | Under Investigation | | [Pepperl+Fuchs Advisory Link](https://www.pepperl-fuchs.com/global/en/29079.htm) | | | 12/21/2021 |